$ whoami

Tsaqif Fawwaz - Ethical Hacker & Security Researcher

$ echo $passion

Cybersecurity | Penetration Testing | Vulnerability Research

Hello, I'm Tsaqif

Cybersecurity Enthusiast | Ethical Hacker | CTF Player

Passionate about uncovering vulnerabilities, securing systems, and sharing knowledge through write-ups and research.

View Write-ups Get In Touch

About Me

I'm Muhammad Tsaqif Fawwaz Nasywan, a passionate cybersecurity enthusiast and ethical hacker pursuing a degree in Applied Informatics at Politeknik Elektronika Negeri Surabaya.

My journey in cybersecurity is driven by an insatiable curiosity about system vulnerabilities and security mechanisms. I dedicate my time to studying penetration testing techniques, reverse engineering, network security, and cryptography to build a strong foundation in offensive and defensive security.

I actively participate in Capture The Flag (CTF) competitions and security challenges, continuously expanding my skill set. I document my learning journey through detailed write-ups and technical blogs, sharing insights and methodologies with the cybersecurity community.

My goal is to become a proficient security professional capable of identifying and mitigating sophisticated threats while contributing to a safer digital ecosystem.

Download CV

Core Skills

Penetration Testing

Web App Testing, Network Pentesting, Vulnerability Assessment, Burp Suite, Metasploit

Network Security

TCP/IP, Packet Analysis, Wireshark, Sniffing, Man-in-the-Middle Attacks

Cryptography

Encryption, Hashing, Digital Signatures, Steganography, Cipher Analysis

Malware Analysis

Reverse Engineering, Binary Analysis, Dynamic/Static Analysis, IDA Pro

Programming

Python, Bash, JavaScript, PHP, C - Exploit Development & Scripting

CTF & Hacking

Capture The Flag, Web Exploitation, Reverse Engineering, Steganography, Forensics

Write-ups & Projects

SQL Injection Exploitation

Complete write-up on identifying and exploiting SQL injection vulnerabilities in web applications. Includes bypass techniques, authentication evasion, and data exfiltration methods.

Web Security SQL Injection

Read Write-up

Man-in-the-Middle Attack Lab

Comprehensive guide to MITM attacks using ARP spoofing. Covers network sniffing, session hijacking, and credential harvesting in a controlled environment.

Network Security MITM

Read Write-up

TryHackMe CTF Solutions

Detailed walkthrough of challenging CTF scenarios including privilege escalation, hash cracking, and forensic analysis. Tools: Hashcat, John, Ghidra, Volatility.

CTF Forensics

Read Write-up

Malware Reverse Engineering

Analysis of a trojan sample using IDA Pro and dynamic debugging. Covers unpacking, function identification, API hooking, and behavioral analysis.

Malware Analysis Reverse Eng.

Read Write-up

XSS Vulnerability Assessment

Finding and exploiting Cross-Site Scripting vulnerabilities. Covers reflected XSS, stored XSS, DOM-based XSS, and WAF bypasses using Burp Suite.

Web Security XSS

Read Write-up

Cryptography Challenge Solutions

Solutions to cryptographic puzzles including RSA attacks, weak cipher analysis, and side-channel attacks. Python scripts included.

Cryptography Python

Read Write-up

Certifications & Achievements

CompTIA Security+

In Progress

Comprehensive security fundamentals and best practices

HackTheBox Pro

Active Member

50+ Machines Rooted | Ranked Top 5%

TryHackMe Master

2500+ Points

Completed 100+ Security Training Rooms

CTF Competitions

Active Participant

Multiple competition victories

Let's Connect

Location

Surabaya, Indonesia

Email

tsaqif.fawwaz@example.com

Phone

+62 812 3456 7890

Availability

Always Available for Security Discussions